Iters

wolf_crypto::kdf

Struct Iters 

Source 
pub struct Iters { /* private fields */ }
Expand description

The number of iterations for PBKDF.

The general rule is bigger is better (in terms of security), however, bigger is also more computationally expensive.

OWASP recommends using at least 600,000 iterations with SHA256 for passwords, a FIPS requirement. NIST SP 800-132, Section 5.2, back in 2010, recommends anywhere from 1,000 to 10,000,000 iterations (10,000,000 for critical secrets). However SP 800-132 is under active revision, and the lower bound of 1,000 iterations is now considered inadequate for modern security needs.

Implementations§

Source§

impl Iters

Source

pub const fn new(iters: u32) -> Option<Self>

Create a new Iters instance.

§Note

Please see the Iters type documentation for more information and sources to assist in picking the correct value. The value is context dependent, are you hashing a password? You’ll need a very large value, minimum 600,000. For key derivation, again it is context dependent, how critical is this key? How powerful is the host machine? The general rule is the bigger the value, the better in terms of security.

§Arguments
  • iters - The desired number of iterations (must be non-zero).
§Returns
  • Some(Iters): The new Iters instance.
  • None: The provided iters argument was zero.
Source

pub const unsafe fn new_unchecked(iters: u32) -> Self

Create a new Iters instance without any safety checks.

§Safety

This will cause undefined behavior if the provided iters argument is 0. Iters may only be constructed with non-zero values (as the underlying type is NonZeroU32).

Source

pub const fn is_valid_size(&self) -> bool

Returns true if the iteration count can safely be cast to an i32.

Certain KDFs (such as the PBKDF family) take the iteration count as an i32, and check at runtime if the iteration count is greater than 0. This most likely is an older design choice which they must keep for stability reasons.

For ergonomic reasons, we will represent the iteration count as an unsigned int.

Source

pub const fn get(&self) -> u32

Returns the contained iteration count as a u32.

Trait Implementations§

Source§

impl Clone for Iters

Source§

fn clone(&self) -> Iters

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Iters

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Display for Iters

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl From<NonZero<u32>> for Iters

Source§

fn from(value: NonZeroU32) -> Self

Converts to this type from the input type.
Source§

impl Ord for Iters

Source§

fn cmp(&self, other: &Iters) -> Ordering

This method returns an Ordering between self and other. Read more
1.21.0 · Source§

fn max(self, other: Self) -> Self
where Self: Sized,

Compares and returns the maximum of two values. Read more
1.21.0 · Source§

fn min(self, other: Self) -> Self
where Self: Sized,

Compares and returns the minimum of two values. Read more
1.50.0 · Source§

fn clamp(self, min: Self, max: Self) -> Self
where Self: Sized,

Restrict a value to a certain interval. Read more
Source§

impl PartialEq for Iters

Source§

fn eq(&self, other: &Iters) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl PartialOrd for Iters

Source§

fn partial_cmp(&self, other: &Iters) -> Option<Ordering>

This method returns an ordering between self and other values if one exists. Read more
1.0.0 · Source§

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator. Read more
1.0.0 · Source§

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator. Read more
1.0.0 · Source§

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator. Read more
1.0.0 · Source§

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator. Read more
Source§

impl TryFrom<u32> for Iters

Source§

fn try_from(value: u32) -> Result<Self, Self::Error>

Create a new Iters instance from a u32.

§Errors

If the number of iterations was zero.

Source§

type Error = InvalidIters

The type returned in the event of a conversion error.
Source§

impl TryFrom<usize> for Iters

Source§

fn try_from(value: usize) -> Result<Self, Self::Error>

Create a new Iters instance from a usize.

§Errors
  • If the number of iterations was zero.
  • If the number of iterations was greater than u32::MAX.
Source§

type Error = InvalidIters

The type returned in the event of a conversion error.
Source§

impl Copy for Iters

Source§

impl Eq for Iters

Source§

impl StructuralPartialEq for Iters

Auto Trait Implementations§

§

impl Freeze for Iters

§

impl RefUnwindSafe for Iters

§

impl Send for Iters

§

impl Sync for Iters

§

impl Unpin for Iters

§

impl UnwindSafe for Iters

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.